Nmap ("Network Mapper") is a network utility for service discovery, monitoring and security auditing. Nmap uses raw IP packets for host discovery, port scanning, OS fingerprinting, firewall probing, and generating various statistics. It can inspect large network ranges but also works for single-server checks. It is cross-platform and also provides an X11 reporting GUI with Zenmap, Ncat for data transfer and debugging, Ndiff for result comparison, and Nping for response analysis.

Recent Releases

7.70 21 Mar 2018 20:45 minor feature:
o [Windows] Updated the bundled Npcap from 0.93 to 0.99-r2, with many
stability and installation improvements, as well as to
raw 802.11 frame capture. See https://nmap.org/npcap/changelog
o Integrated all of your service/version detection fingerprints submitted from
March 2017 to August 2017 (728 of them). The signature count went up 1.02
to 11,672, including 26 new softmatches. We now detect 1224 protocols from
filenet-pch, lscp, and netassistant to sharp-remote, urbackup, and
watchguard. We will try to integrate the remaining submissions in the next
release.
o Integrated all of your IPv4 OS fingerprint submissions from September 2016
to August 2017 (667 of them). Added 298 fingerprints, bringing the new total
to 5,652. Additions include iOS 11, macOS Sierra, Linux 4.14, Android 7, and
more.
o Integrated all 33 of your IPv6 OS fingerprint submissions from September
2016 to August 2017. New groups for OpenBSD 6.0 and FreeBSD 11.0 were added,
as well as strengthened groups for Linux and OS X.
o Added the --resolve-all option to resolve and scan all IP addresses of a
host. This essentially replaces the resolveall NSE script. [Daniel Miller]
o [NSE][SECURITY] Nmap developer nnposter found a security flaw (directory
traversal vulnerability) in the way the non-default http-fetch script
sanitized URLs. If a user manually ran this NSE script against a
malicious web server, the server could potentially (depending on NSE
arguments used) cause files to be saved outside the intended destination
directory. Existing files couldn't be overwritten. We fixed http-fetch,
audited our other scripts to ensure they didn't make this mistake, and we
updated the httpspider library API to protect against this by
default. [nnposter, Daniel Miller]
o [NSE] Added 9 NSE scripts, from 8 authors, bringing the total up to 588!
They are all listed at https://nmap.org/nsedoc/, and the summaries are
below:
+ deluge-rpc-brute performs brute-force credential testing against Deluge
Bit

7.40 21 Dec 2016 11:45 major feature:
o [Windows] Updated the bundled Npcap from 0.10r9 to 0.78r5, with an
improved installer experience, driver signing updates to work with
Windows 10 build 1607, and fixes for WiFi connectivity
problems. [Yang Luo, Daniel Miller]
o Integrated all of your IPv4 OS fingerprint submissions from April to
September (568 of them). Added 149 fingerprints, bringing the new total to
5,336. Additions include Linux 4.6, macOS 10.12 Sierra, NetBSD 7.0, and more.
Highlights: http://seclists.org/nmap-dev/2016/q4/110 [Daniel Miller]
o Integrated all of your service/version detection fingerprints submitted from
April to September (779 of them). The signature count went up 3.1 to 11,095.
We now detect 1161 protocols, from airserv-ng, domaintime, and mep to
nutcracker, rhpp, and usher. Highlights: http://seclists.org/nmap-dev/2016/q4/115
[Daniel Miller]
o Fixed reverse DNS on Windows which was failing with the message "mass_dns:
warning: Unable to determine any DNS servers." This was because the interface
GUID comparison needed to be case-insensitive. [Robert Croteau]
o [NSE] Added 12 NSE scripts from 4 authors, bringing the total up to 552!
They are all listed at https://nmap.org/nsedoc/, and the summaries are below:
+ cics-enum enumerates CICS transaction IDs, mapping to screens in TN3270
services. [Soldier of Fortran]
+ cics-user-enum brute-forces usernames for CICS users on TN3270 services.
[Soldier of Fortran]
+ fingerprint-strings will print the ASCII strings it finds in the service
fingerprints that Nmap shows for unidentified services. [Daniel Miller]
+ [GH#606] ip-geolocation-map-bing renders IP geolocation data as an image
via Bing Maps API. [Mak Kolybabi]
+ [GH#606] ip-geolocation-map-google renders IP geolocation data as an image
via Google Maps API. [Mak Kolybabi]
+ [GH#606] ip-geolocation-map-kml records IP geolocation data in a KML file
for import into other mapping software. [Mak Kolybabi]
+ nje-pass-brute brute-forces the password to a NJE node, given a valid

7.31 22 Oct 2016 21:45 minor bugfix:
o [Windows] Updated the bundled Npcap from 0.10r2 to 0.10r9, bringing
increased stability, and raw 802.11 WiFi capture. Further details on these changes can be found at
https://github.com/nmap/npcap/releases. [Yang Luo]
o Fixed the way Nmap handles scanning names that resolve to the same IP. Due to
changes in 7.30, the IP was only being scanned once, with bogus results
displayed for the other names. The previous behavior is now restored.
[Tudor Emil Coman]
o [Nping][GH#559] Fixed Nping's ability to use Npcap on Windows. A privilege
check was performed too late, so the Npcap loading code assumed the user had no
rights. [Yang Luo, Daniel Miller]
o [GH#350] Fixed an assertion failure due to floating point error in equality
comparison, which triggered mainly on OpenBSD:
assertion "diff

7.30 01 Oct 2016 06:25 minor feature:
o Integrated all 12 of your IPv6 OS fingerprint submissions from June to
September. No new groups, but several classifications were strengthened,
especially Windows localhost and OS X. [Daniel Miller]
o [NSE] Added 7 NSE scripts, from 3 authors, bringing the total up to 541!
They are all listed at https://nmap.org/nsedoc/, and the summaries are below
(authors are listed in brackets):
+ [GH#369] coap-resources grabs the list of available resources from CoAP
endpoints. [Mak Kolybabi]
+ fox-info retrieves detailed version and configuration info from Tridium
Niagara Fox services. [Stephen Hilt]
+ ipmi-brute performs authentication brute-forcing on IPMI services.
[Claudiu Perta]
+ ipmi-cipher-zero checks IPMI services for Cipher Zero support, which allows
connection without a password. [Claudiu Perta]
+ ipmi-version retrieves protocol version and authentication options from
ASF-RMCP (IPMI) services. [Claudiu Perta]
+ [GH#352] mqtt-subscribe connects to a MQTT broker, subscribes to topics
and lists the messages received. [Mak Kolybabi]
+ pcworx-info retrieves PLC model, firmware version, and date from Phoenix
Contact PLCs. [Stephen Hilt]
o Upgraded Npcap, our new Windows packet capturing driver/library,
from version 0.09 to 0.10r2. This includes many, with a
particular emphasis on concurrency discovered by running
hundreds of Nmap instances at a time. More details are available
from https://github.com/nmap/npcap/releases. [Yang Luo, Daniel
Miller, Fyodor]
o New service probes and match lines for DTLS, IPMI-RMCP, MQTT, PCWorx,
ProConOS, and Tridium Fox. [Stephen Hilt, Mak Kolybabi, Daniel Miller]
o Improved some output filtering to remove or escape carriage returns ('\r')
that could allow output spoofing by overwriting portions of the screen. Reported by Adam Rutherford. [Daniel Miller]
o [NSE] Fixed a few bad Lua patterns that could result in denial of service due
to excessive backtracking. [Adam Rutherford, Daniel Miller]
o a discrepancy betw